haxpak
4066da31e4
changed device type drop down from category to sane_default
2019-04-16 08:31:43 +05:30
haxpak
89b8e10fbe
added option "Further Analysis Required" to attribute stage
2019-04-15 17:41:39 +05:30
Andras Iklody
a8e89e3eaa
Merge branch 'master' into haxpak/#24
2019-04-15 10:52:48 +02:00
haxpak
9f4e7737a1
added attribute DNS name to device object
...
changed MAC address misp attribute to mac-address
2019-04-15 10:33:08 +05:30
haxpak
3cef676f34
added OS, version, dns-name attribute to device
...
changed misp-attribute of mac-address from text to mac-address
2019-04-15 10:29:09 +05:30
haxpak
836bd04a75
meta category for organization changed back to misc since schema_objects.json does not recognize organization as a meta category
2019-04-14 11:32:55 +05:30
haxpak
2053c17fa4
corrected typo
2019-04-14 11:27:29 +05:30
haxpak
4f1745a095
added meta category organization
2019-04-14 11:26:12 +05:30
haxpak
b24336499a
modified: objects/device/definition.json
...
modified: objects/phishing-kit/definition.json
2019-04-14 11:04:57 +05:30
haxpak
bb9ff86b2f
added MAC address to device
...
meta category of organization changed to organization
meta category of person object changed to organization
new object phishing-kit
2019-04-14 10:53:57 +05:30
haxpak
9f3fb14ed5
changed organization meta category to misc
2019-04-13 14:57:55 +05:30
haxpak
6917beee5f
reverted device to misc category
2019-04-13 14:02:26 +05:30
haxpak
63fff149f0
added requiredOneOf to device definition
2019-04-13 13:49:16 +05:30
haxpak
df91c999e6
fixed typos and ran jq_all_things
2019-04-13 13:45:05 +05:30
haxpak
23ab735119
- added : attachment attribute to annotation
...
- added : new object type device
2019-04-13 13:32:56 +05:30
haxpak
161f72678a
modified : person object "changed UI priority of the attributes"
...
modified : report object "added attachment to report"
2019-04-13 12:05:51 +05:30
haxpak
71419a999a
new-object : Organization "Defines an organization"
2019-04-13 11:55:38 +05:30
Alexandre Dulaunoy
c5532621b6
chg: [ip-port] ip-src added to fix #149
2019-04-07 22:28:36 +02:00
Alexandre Dulaunoy
006aa1d1a2
chg: [script] filename added to fix #149
2019-04-07 22:24:58 +02:00
Alexandre Dulaunoy
b4478a6c2b
add: [tor-hiddenservice] a simple object template to describe Tor Onion Service
2019-04-05 11:22:22 +02:00
Alexandre Dulaunoy
aca06cec1f
chg: [lnk] new LNK object (Windows Shortcut)
2019-04-03 14:05:39 +02:00
Alexandre Dulaunoy
4793bf33ae
chg: [process] fix the type - fix #160
2019-04-02 19:56:59 +02:00
Alexandre Dulaunoy
ba31488e5a
Merge pull request #161 from geekscrapy/geekscrapy-patch-1
...
Username is often utilised alongside a credential
2019-04-02 19:55:59 +02:00
Alexandre Dulaunoy
302182e594
Merge pull request #159 from geekscrapy/patch-1
...
Added current-directory to required field
2019-04-02 19:55:03 +02:00
molley
a50986361f
Username is often utilised alongside a credential
...
Username can often identify malicious behavior, and is usually part of the credential tuple - it can also be used to highlight common user accounts without password/api key
2019-04-02 18:26:00 +01:00
molley
490d760a4b
Added current-directory to required field
...
This field will often indicate where a malicious binary is started from, therefore a good candidate for solo use
2019-04-02 17:41:07 +01:00
molley
a85178255c
Added issuer as one of the required fields
...
This is often a field used on it's own to identify a malicious cert
2019-04-02 17:28:49 +01:00
Raphaël Vinot
0c6b7b4302
chg: Bump vehicle object
2019-04-02 17:09:02 +02:00
Alexandre Dulaunoy
047595ddeb
chg: [person] Spanish IDs added (NIE, NIF and DNI)
2019-03-15 14:36:12 +01:00
kx1499
e61344c981
Merge remote-tracking branch 'upstream/master'
2019-03-14 21:42:12 -04:00
Deborah Servili
55f5716b5d
remove accent from ilr objects - bis
2019-02-26 16:00:23 +01:00
Deborah Servili
96751b2af7
remove accent from ilrobjects
2019-02-26 15:57:58 +01:00
Deborah Servili
41dd469869
add ilr-notification-incident object
2019-02-26 15:51:20 +01:00
Deborah Servili
bd9970b1c9
fix lr-impact attributes names
2019-02-26 14:26:29 +01:00
Deborah Servili
bc05eca2b6
disable correlations on ilr-impact attributes
2019-02-26 14:05:01 +01:00
Deborah Servili
ec2851d4eb
add ilr-impact object
2019-02-26 13:57:31 +01:00
Sascha Rommelfangen
45f6aec0f5
corrected order
2019-02-25 09:29:15 +01:00
marcnil815
03870031db
jq'ed definition.json
2019-02-21 19:36:07 +01:00
marcnil815
e26e54b54a
Create splunk object definition.json
...
Adding misp-object for basic splunk search/correlation search values.
2019-02-21 16:12:54 +01:00
Alexandre Dulaunoy
b0f07156ae
Merge pull request #147 from Delta-Sierra/master
...
Person object - Add a (or several) role to a person
2019-02-21 07:20:40 +01:00
Alexandre Dulaunoy
18042c0749
chg: [elf] disable correlation on file type
2019-02-20 10:43:38 +01:00
Deborah Servili
0173504050
Person object - Add a (several) role to a person
2019-02-15 09:46:29 +01:00
Alexandre Dulaunoy
08798f1262
chg: [email] IP and hostname fields from extracted headers
2019-02-14 14:33:39 +01:00
Alexandre Dulaunoy
8a4f2c96b8
chg: [file] preferred charset used by the file (if decoded from mime-type parsing)
2019-02-14 14:16:01 +01:00
Alexandre Dulaunoy
f9bb8bfa9b
chg: [phishing] removed the IDS flag on the email used for takedown - and change attribute type
2019-02-11 06:45:18 +01:00
Sascha Rommelfangen
f09a392d49
added hostname attribute to the phishing object
2019-02-07 14:58:40 +01:00
Alexandre Dulaunoy
75ae30f44d
Merge pull request #143 from rommelfs/master
...
added values valuable to operators
2019-02-02 09:27:38 +01:00
Alexandre Dulaunoy
36dc6efab3
chg: [anonymisation] add level-of-knowledge to request for more information if needed
2019-02-01 10:19:25 +01:00
Sascha Rommelfangen
732476d7ca
added values valuable to operators
2019-02-01 09:37:31 +01:00
Alexandre Dulaunoy
f5c7530e0b
chg: [anonymisation] algo list fixed
2019-01-31 23:01:08 +01:00
Andras Iklody
86a116770b
Update definition.json
2019-01-31 22:57:49 +01:00
Alexandre Dulaunoy
b141dce581
add: [anonymisation] Anonymisation object describing an anonymisation technique which is used in MISP anonymised attributes.
2019-01-31 22:41:23 +01:00
Deborah Servili
db6297131f
Merge https://github.com/MISP/misp-objects
2019-01-28 15:44:31 +01:00
Deborah Servili
0f6f7de384
fix required field for interpol notice
2019-01-28 15:40:07 +01:00
Deborah Servili
1533703894
add interpol notice object
2019-01-28 15:26:49 +01:00
Alexandre Dulaunoy
beb0ec8bb7
chg: [script] added PHP in the most used programming language (at least when looking at malicious WebShells on the Internet)
...
- I sense a new stackoverflow survey category
Signed-off: 5c45721d-de08-4fff-b9b0-168a02de0b81
2019-01-24 13:36:09 +01:00
kx1499
a5ca2e1189
Merge remote-tracking branch 'upstream/master'
2019-01-15 21:19:19 -05:00
Alexandre Dulaunoy
b25388c406
Merge pull request #139 from Delta-Sierra/master
...
Person object - add alias as a requiredOneof attribute
2019-01-11 20:31:03 +01:00
chrisr3d
b94abc9182
Merge branch 'master' of github.com:MISP/misp-objects
2019-01-11 16:51:18 +01:00
chrisr3d
cf8c50b72e
fix: Disabled correlation for original imported samples
2019-01-11 16:50:29 +01:00
Deborah Servili
d6299e6542
update person object version
2019-01-11 15:03:11 +01:00
Deborah Servili
b0d8e91f0f
add alias as a requiredOneof attribute
2019-01-11 15:02:06 +01:00
Christophe Vandeplas
ae32e23fbf
chg: [http-request] IP as allowed type
2019-01-03 15:07:08 +01:00
Stefan Kelm
d98cfd6d16
New object: Information related to known scanning activity (e.g. from research projects)
2019-01-02 16:19:08 +01:00
eCrimeLabs
68ca8b0a92
Updated JA3 to have own data type ja3-fingerprint-md5 and bumped the version
2018-12-30 12:31:17 +01:00
Alexandre Dulaunoy
9b84576442
add: [facial-composite] new facial composite object
2018-12-21 20:41:45 +01:00
Alexandre Dulaunoy
5a9800ab6a
chg: [person] portrait added #133
2018-12-21 20:28:24 +01:00
Deborah Servili
7dfa69a743
Object Victim - Extended requiredOneof
2018-12-21 12:27:11 +01:00
Alexandre Dulaunoy
11a462e79b
chg: [person] OFAC fields - Office of Foreign Assets Control
2018-12-04 15:39:51 +01:00
Alexandre Dulaunoy
6cc29aad3d
chg: [microblog] a small clarification about the username to avoid the @
2018-11-26 22:21:51 +01:00
Alexander J
e44dd16b18
new misp object for a timesketch message
...
to be able to push timesketch messages (timesketch.org) to a misp event it is handy to have a specific type of object for it.
2018-11-23 15:40:57 +01:00
Alexandre Dulaunoy
7808850ce2
chg: [cortex] description updated as TheHive/Cortex observables will be attributes with
...
relationships from this object
2018-11-18 10:29:42 +01:00
Alexandre Dulaunoy
39dd150e2a
add: [cortex] new object based on a discussion with Jerome L. from TheHive (thanks to SNCF)
2018-11-18 10:28:18 +01:00
Alexandre Dulaunoy
3ec98a8a65
chg: [cortex-taxonomy] aka mini-report
2018-11-18 10:11:25 +01:00
Alexandre Dulaunoy
0f1f23fbb5
fix: [cortex-taxonomy] jq all the things(tm)
2018-11-09 14:21:10 +01:00
Hendrik
d61a1f3390
Added cortex taxonomy object definition
2018-11-09 12:37:34 +01:00
Alexandre Dulaunoy
78bfd806e7
Merge pull request #127 from thomaspatzke/process-extension
...
Extension of process object
2018-11-02 08:56:14 +01:00
Thomas Patzke
e12f15d5da
Fixed misp-attribute in link attribute of paste object
2018-11-02 00:40:55 +01:00
Thomas Patzke
d41b642bc4
Extension of process object
2018-11-02 00:35:28 +01:00
Steve Clement
e132ea8e03
fix: [definition] Fixed current balance type, is float.
2018-10-30 22:58:54 +09:00
Steve Clement
6560a53b80
chg: [definition] Extended crypto coin object to be able to enrich with interesting data
2018-10-30 21:30:09 +09:00
Alexandre Dulaunoy
a4207d1f36
chg: [mactime-timeline-analysis] disable some correlations
2018-10-29 20:43:36 +01:00
Alexandre Dulaunoy
ccab94e1b7
chg: [ip-api-adress] updated to ensure correlation disabled
2018-10-28 15:07:35 +01:00
Raphaël Vinot
decd49b6fc
fix: JQ things
2018-10-25 17:45:47 -04:00
Raphaël Vinot
e3d5d636e4
chg: Add type of internal reference
2018-10-25 15:47:04 -04:00
Raphaël Vinot
1a0d055caa
new: Internal reference object
2018-10-25 13:47:20 -04:00
Alexandre Dulaunoy
2f1ed1ee0c
chg: [regripper-sam-hive-single-user] uuid fixed
2018-10-25 17:49:20 +02:00
Alexandre Dulaunoy
5e952a4bf7
chg: [tsk-web-downloads] including link versus url (we assume it's malicious link by default)
2018-10-25 17:45:58 +02:00
Alexandre Dulaunoy
38a3718693
typo fixed
2018-10-25 17:42:57 +02:00
Alexandre Dulaunoy
7a70a1ece3
fix: various typos
2018-10-25 17:38:26 +02:00
Alexandre Dulaunoy
26fcbcd3bf
fix typo
2018-10-25 17:35:50 +02:00
Alexandre Dulaunoy
172b5551ba
Merge branch 'master' of github.com:MISP/misp-objects
2018-10-25 17:32:47 +02:00
Alexandre Dulaunoy
b93ad7969f
fix: jq all the things(tm)
2018-10-25 17:31:36 +02:00
Alexandre Dulaunoy
38a006b05b
Merge branch 'master' of https://github.com/Aks6193/misp-objects
2018-10-25 17:30:30 +02:00
aksha
bb119724ba
fix: Changed TSK object names to lower case
2018-10-25 13:21:08 +01:00
aksha
1cedea6506
Chg: Jq'ed all the objects
2018-10-25 12:39:48 +01:00
Alexandre Dulaunoy
15539c5e25
Merge pull request #123 from neok0/sandbox-file-attribute
...
added sandbox-file type as attribute for storing e.g. sandbox results…
2018-10-24 14:39:25 +02:00
Alexandre Dulaunoy
7bffd599ab
Merge pull request #122 from neok0/master
...
enable multiple summary attribute in report object
2018-10-24 14:37:33 +02:00
Tobias Mainka
8b861df876
fix failing check via running .jq_all_the_things.sh
2018-10-24 14:14:32 +02:00
Tobias Mainka
675b60703b
added sandbox-file type as attribute for storing e.g. sandbox results file in sandbox-report object
2018-10-24 13:58:38 +02:00
Alexandre Dulaunoy
a2ce46ecad
chg: [pcap-metadata] linktype added in the sane default
2018-10-24 07:35:31 +02:00
Alexandre Dulaunoy
3bf8c938aa
fix the required part of the url
2018-10-23 20:03:58 +02:00
Alexandre Dulaunoy
1a1972003d
add: [pcap-metadata] new object template for pcap file metadata (WiP)
2018-10-23 16:35:08 +02:00
Alexandre Dulaunoy
ae103f6080
chg: [person] add attributes to whois-related information which can be associated to a person
2018-10-23 08:43:35 +02:00
Tobias Mainka
332cf5475c
enable multiple summary attribute in report object
2018-10-22 14:55:27 +02:00
aksha
478dc899f2
Add: Web artefacts objects
2018-10-22 09:35:21 +01:00
chrisr3d
de3acf865d
fix: Disabled correlation of imported files format attribute
2018-10-22 10:13:48 +02:00
aksha
711abb094a
Add: python-etvx object
2018-10-15 11:08:09 +01:00
chrisr3d
141a0c8d41
fix: JQed ip-api-address template
2018-10-11 09:14:08 +02:00
chrisr3d
8137a58f48
fix: Fixed ip-api-address object template filename
2018-10-11 07:11:28 +02:00
Alexandre Dulaunoy
09495c3f2a
chg: [network-connection] disable correlation
2018-10-06 20:27:51 +02:00
Alexandre Dulaunoy
6ea337654a
Merge branch 'master' of github.com:MISP/misp-objects
2018-10-06 09:35:58 +02:00
Alexandre Dulaunoy
9735995ba1
chg: [process] disable correlation where it's not required
2018-10-06 07:42:34 +02:00
DigitalLeukocyte
afb1d28b2b
Added ip-api-address object
...
Object useful for IP data from http://ip-api.com .
2018-10-04 13:45:22 -07:00
DigitalLeukocyte
237b5a364b
Delete IP_API_IP_Address.json
2018-10-04 13:42:07 -07:00
DigitalLeukocyte
c39ff94f41
Deleted IP_API single file
2018-10-04 13:15:55 -07:00
DigitalLeukocyte
04aea7b596
Uploaded IP_API Object in folder
2018-10-04 13:14:42 -07:00
DigitalLeukocyte
59b1dda754
Updated to match more of ip-api.com
2018-10-04 12:41:52 -07:00
DigitalLeukocyte
ec75268f5c
Created for data from ip-api.com
2018-10-02 13:02:49 -07:00
DigitalLeukocyte
60f559f6da
Create IP_API.JSON
2018-10-02 13:01:29 -07:00
aksha
f8226fc200
Fix: Regripper object templates fixed
2018-10-02 10:14:19 +01:00
aksha
44d92e95be
Add: Regripper objects (System + Software Hive)
2018-10-01 12:18:55 +01:00
aksha
58f39ff62d
Add: regripper objects for system hive
2018-09-30 21:35:38 +01:00
Alexandre Dulaunoy
25e9f5d51a
chg: [phishing] new template object (first draft) based on the phishtank format
2018-09-28 15:14:51 +02:00
aksha
58ab539825
Fix: NTUser template
2018-09-28 12:15:21 +01:00
aksha
98459432a2
Add: Regripper 3 object templates including SAM hive and NTUSer.dat.
2018-09-28 12:13:31 +01:00
Alexandre Dulaunoy
5acaa3498f
chg: jq all the things ;-)
2018-09-27 13:19:33 +02:00
Alexandre Dulaunoy
96f234884a
Merge branch 'master' of https://github.com/Aks6193/misp-objects into Aks6193-master
2018-09-27 13:19:04 +02:00
aksha
10acf6289e
add: Misp object for Mactime-timeline-analysis
2018-09-27 11:46:32 +01:00
Alexandre Dulaunoy
01ea4c3097
chg: [malware-config] new object to describe malware configuration in clear-text or encrypted/encoded
...
ref: fix https://github.com/MISP/MISP/issues/3679
2018-09-21 07:11:38 +02:00
Alexandre Dulaunoy
4d6e0d7580
chg: [file] fullpath can be part of a single file object
2018-09-16 17:13:30 +02:00
Stefan Kelm
00184b6fc0
bgp-hijack
2018-09-13 14:13:33 +02:00
Stefan Kelm
8b5b5df77c
bgp-hijack
2018-09-13 14:05:45 +02:00
Alexandre Dulaunoy
243396a34d
chg: [ail] version of the template updated
2018-09-12 22:11:46 +02:00
Terrtia
76b3086356
fix: [ail-leak] disable correlation
2018-09-12 16:49:28 +02:00
Alexandre Dulaunoy
bb2b8d810f
chg: [tracking-id] add the tracker origin such as the vendor or software
2018-09-09 12:39:22 +02:00
Alexandre Dulaunoy
37a4a93326
chg: [original-import-file] list of "sane" default format.
2018-09-09 12:34:06 +02:00
Alexandre Dulaunoy
755dbe5837
Merge branch 'master' of github.com:MISP/misp-objects
2018-09-09 12:30:26 +02:00
Alexandre Dulaunoy
c8ecf75fdc
new: [tracking-id] Analytics and tracking ID such as used in Google Analytics or other analytic platform.
2018-09-09 12:29:58 +02:00
chrisr3d
5f74fe8fa8
Merge branch 'master' of github.com:MISP/misp-objects into chrisr3d_patch
2018-09-07 11:33:45 +02:00
chrisr3d
344b8f002e
fix: Changed 'type' attribute that is more relevant as being called 'format'
2018-09-07 11:32:47 +02:00
Alexandre Dulaunoy
767b461429
chg: [file] following some CyBOX import adding a fullpath field which includes filename and path request
2018-09-07 11:26:37 +02:00
kx1499
46c244ad08
Merge branch 'master' of https://github.com/kx499/misp-objects
2018-09-06 13:20:52 -04:00
kx1499
4ffac9da5e
updated disabling correlation for userid
2018-09-06 13:20:20 -04:00
chrisr3d
1a02c6879e
chg: Deleted filename attribute since it is already contained in attachment
2018-09-06 14:54:39 +02:00
chrisr3d
0890420856
new: New Object describing original files usedd to import data in MISP
2018-09-06 11:20:26 +02:00
Alexandre Dulaunoy
38071f4bd9
chg: [forensic-evidence] updated to include other tools and correlation disabled for some fields
2018-09-04 20:48:51 +02:00
Alexandre Dulaunoy
3a81765d8f
jq all the things (tm)
2018-09-04 20:40:16 +02:00
aksha
d2550dffb6
update: Forensic-evidence object
2018-09-04 14:18:30 +01:00
aksha
4e66e692d4
fixed intendation
2018-09-04 12:46:00 +01:00
aksha
7ee2ff1901
Add: Object template for digital evidence
2018-09-04 12:31:13 +01:00
Aks6193
d92e482a96
Merge pull request #1 from MISP/master
...
chg: [forensic-case] object added based on the original one from @Aks…
2018-09-03 20:01:41 +01:00
Alexandre Dulaunoy
0c98a925f3
chg: [forensic-case] object added based on the original one from @Aks6193
...
The idea is to separate the evidences from the case itself as you can
have multiple acquisitions for a specific case. Another object template
is required such as [forensic-evidence] to be able to link between the
forensic-case object and one or more evidences.
2018-09-03 13:54:59 +02:00
aksha
b83e98bbd4
Add: Misp object for Digital Forensic - Case metadata
2018-09-03 11:28:40 +01:00
Alexandre Dulaunoy
e90b1ce457
chg: [ja3] categories removed (default attributes categories will be used)
...
Fix MISP/MISP/issues/3593
2018-08-28 14:30:29 +02:00
Alexandre Dulaunoy
ab58f01666
chg: [geolocation] disable correlation on specific attributes
2018-08-15 18:34:35 +02:00
Alexandre Dulaunoy
487ff53afe
fix: [geolocation] to include accuracy-radius as described by maxmind geoip2 API
2018-08-15 18:26:10 +02:00
Alexandre Dulaunoy
0b164141af
chg: [vehicle] Vehicle object template to describe a vehicle information and registration
2018-08-04 15:39:38 +02:00
Deborah Servili
60010ce556
fix file object version
2018-07-27 15:19:15 +02:00
Deborah Servili
4e23159cb0
fix RequiredOneOf list in fle object
2018-07-27 15:15:47 +02:00
Deborah Servili
c1f5e7342b
url is not a field of email object, then not one of the requiredOneOf
2018-07-26 15:49:44 +02:00
Alexandre Dulaunoy
3aa3247b09
chg: [paste object] add a link attribute when the paste reference is not malicious
2018-07-26 14:06:39 +02:00
Alexandre Dulaunoy
51d8e83b1f
Merge branch 'master' of github.com:MISP/misp-objects
2018-07-20 10:18:33 +02:00
Alexandre Dulaunoy
9a72b53923
chg: allow multiple domains too fix #108
2018-07-20 10:12:09 +02:00
Andras Iklody
5af0d31c49
Allow multiple "pattern-in-file" in file object, fixes #109
2018-07-20 07:03:22 +02:00
kx1499
bf64122d32
Merge remote-tracking branch 'upstream/master'
2018-07-18 15:57:56 -04:00
Alexandre Dulaunoy
6bfa279701
new: [short-message-service] Short Message Service (SMS) object template describing one or more SMS message added
2018-07-18 09:52:31 +02:00
Raphaël Vinot
0244bce6ef
new: threatgrid-report object template
2018-07-16 13:48:56 +02:00
Alexandre Dulaunoy
9918cc393d
chg: [coin-address] ETN symbol added
2018-07-13 17:07:35 +02:00
Alexandre Dulaunoy
88819d6fa3
chg: [exploit-poc] a same context can contains multiple PoC samples
2018-07-10 09:32:12 +02:00
Alexandre Dulaunoy
021b06bacd
new: exploit-poc object describing a proof of concept or exploit of a vulnerability. This object has often a relationship with a vulnerability object.
2018-07-10 07:41:09 +02:00
Alexandre Dulaunoy
856cec8d09
chg: [vulnerability] is now in its own vulnerability meta-category
2018-07-10 07:38:28 +02:00
Alexandre Dulaunoy
9eb578d747
chg: [vulnerability] updated following NATO and CIRCL feedback
...
- CVSS score added
- CVSS string added
- credit attribute added
- text -> description
- vulnerability attribute can now be any format (not only the CVE
format)
2018-07-10 07:21:36 +02:00
Alexandre Dulaunoy
2b5592cfa6
fix: [suricata] allow multiple Suricata rules in the object (similar context) and fix the rule to be in Snort format
...
Fix #106
2018-07-09 21:50:44 +02:00
Alexandre Dulaunoy
6c36a1df69
chg: [coin-address] XMR type address added in addition to the default Bitcoin address format
2018-07-04 11:10:50 +02:00
Alexandre Dulaunoy
3b21125acd
add: missing timesketch-timeline object template
2018-06-22 07:44:20 +02:00
Alexandre Dulaunoy
d9a616095a
Chg: jq all the things
2018-06-19 21:11:24 +02:00
AH
7d1e3747d0
STIX AIS Information source
2018-06-18 19:24:31 -04:00
Thirion Aurélien
d2c9ae007a
modify ail-leak object for the tagging system
2018-06-12 11:47:44 +02:00
Alexandre Dulaunoy
b6f12a9f46
chg: new script template object
...
Object describing a computer program written to be run in a special run-time environment. The script or shell
script can be used for malicious activities but also as support tools for threat analysts.
Fix #101
2018-06-09 11:36:58 +02:00
Alexandre Dulaunoy
1ca25a39ad
fix: missing ui-priority
2018-06-09 10:59:01 +02:00
Alexandre Dulaunoy
07f41b0444
chg: EPSG and spacial-reference add fix #102
...
Following feedback during the last ENISA Cyber Europe 2018, we updated
the geolocation object to the following:
- Fixing ui-priority to ensure lat,long in order
- Adding the ability to specify an EPSG value instead of coordinates
(handy if you want to quickly express a known location/area)
- Set a default spacial-reference to avoid confusion between reported
value from GPS versus values projected into a specific spacial
projection. default is WGS-84.
2018-06-09 10:46:12 +02:00
Corsin Camichel
85901f995a
renamed url attributed, versioning date based
2018-06-05 14:39:12 +02:00
Corsin Camichel
69ed89cef0
updated definition, removed some attributes
2018-06-05 14:35:42 +02:00
Corsin Camichel
19f7c90d1a
Shortened link and its redirect target
2018-06-05 11:04:15 +02:00
Alexandre Dulaunoy
d17d11df1a
chg: username of the author added + disable correlation for origin
2018-06-04 19:46:58 +02:00
Alexandre Dulaunoy
fe3a91b8d9
chg: change version of the SS7 template object
2018-05-29 16:07:50 +02:00
chrisr3d
00bf1999fc
Merge branch 'master' of github.com:MISP/misp-objects
2018-05-25 09:13:44 +02:00
chrisr3d
e754719c00
Attribute typo
2018-05-25 09:13:14 +02:00
Alexandre Dulaunoy
52e1316717
chg: Timecode object to describe a start of video sequence (e.g. CCTV evidence) and the end of the video sequence.
2018-05-21 10:19:54 +02:00
kx499
b5da300852
Merge remote-tracking branch 'upstream/master'
2018-05-08 14:42:00 -04:00
chrisr3d
b5f352e8c2
add: Added protocol attribute in the network socket object
2018-05-08 09:26:24 +02:00
chrisr3d
536f647135
add: Added hostname (src & dst) attributes
2018-05-08 09:03:57 +02:00
Alexandre Dulaunoy
4d47c41f5e
Network socket connection template object added
2018-05-08 07:53:58 +02:00
Alexandre De Oliveira
13ec601820
Update definition.json
...
To avoid having multiple object for each similar attacks coming from the same source, we allow multiple attack source in the same attack.
2018-05-04 19:09:54 +02:00
chrisr3d
6faf42cbd2
First version of process object
...
- Potentially more attributes to come
2018-05-04 16:34:35 +02:00
Raphaël Vinot
956e649315
chg: Update email template
2018-05-03 20:49:48 +02:00
chrisr3d
4cdfd7b0a0
fix: RequiredOneOf field
...
Sorry, ate too much ananas in my pizza
2018-05-03 14:28:46 +02:00
chrisr3d
3a78d64644
Merge branch 'master' of github.com:MISP/misp-objects
2018-05-03 14:21:56 +02:00
chrisr3d
554cfe29fe
Added definition
2018-05-03 14:21:36 +02:00